Identity Security Consultant

Nair Systems is currently looking   Identity Security Consultant our Qatar operations.

Required Experience & Skills

·      8+ years in Identity Security / Security Engineering

·      Active Directory Security

·      Active Directory hardening

·      Identity Security

·      Red team remediations

·      Understanding of red team findings

·      Change management

Deep hands‑on experience with:

·      Active Directory security

·      Microsoft Entra ID security

·      Conditional Access, MFA, Identity Protection

·      Strong PAM / PIM implementation experience

·      SOC‑level understanding of identity attack detection and response

·      Strong troubleshooting and root‑cause analysis skills

·      Excellent written and verbal communication skills

Core Responsibilities

·      Own identity security engineering across Active Directory (on‑prem) and Microsoft Entra ID

·      Design, implement, and harden identity security configurations

·      Act as technical authority for identity threat prevention, detection, and response

·      Bridge Identity Engineering and SOC / Incident Response

·      Mitigate Red team findings

·      Active Directory Security (On‑Prem)

·      Secure AD DS architecture and configurations

·      Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)

·      Protect Tier‑0 assets (Domain Controllers, PKI, ADFS, Entra Connect)

·      Harden:

·      Kerberos authentication

·      NTLM usage and restrictions

·      Delegation (constrained, resource‑based)

·      GPOs for security baselines

·      Manage privileged groups and admin separation

·      Secure trust relationships and forest/domain boundaries

·      Implement PAW / SAW / hardened admin access patterns

·      Review and remediate AD attack paths and misconfigurations

Entra ID (Azure AD) Security

·      Design and enforce Conditional Access policies

·      Implement strong authentication strategies (MFA, passwordless, phishing‑resistant MFA)

·      Configure and monitor Entra ID Identity Protection

·      Harden tenant security posture and reduce identity attack surface

·      Control and monitor:

·      Legacy authentication

·      OAuth app permissions and consent

·      Authentication methods and user flows

·      Govern roles, service principals, and app registrations

·      Secure Entra ID Connect / Cloud Sync architecture

 Privileged Access Management (PAM / PIM)

·      Design and implement least‑privilege access models

·      Understand and work with Cyberark integrations, Sailpoint etc.

·      Implement and operationalize Entra PIM:

·      Just‑In‑Time role activation

·      Approval workflows

·      Role eligibility governance

·      Access reviews and alerts

·      Identity Threat & Attack Chain Expertise

Deep understanding of identity‑based attacks, including:

·      Credential theft and replay

·      Pass‑the‑Hash / Pass‑the‑Ticket

·      Kerberoasting / AS‑REP roasting

·      DCSync / DCShadow

·      Golden and Silver Ticket attacks

·      Privilege escalation and lateral movement

·      Persistence mechanisms in AD and Entra ID

·      OAuth token abuse and app consent attacks

·      MFA fatigue and authentication bypass techniques

·      Map attacker techniques to prevention, detection, and remediation controls

 SOC Integration & Detection Engineering

·      Work closely with SOC teams on identity‑related threats

·      Define and improve identity detection use‑cases

·      Ensure logging and visibility for:

·      Windows Security Event Logs

·      Entra ID audit and sign‑in logs

·      Integrate identity telemetry with SIEM / SOAR platforms

·      Tune alerts to reduce false positives and improve signal quality

·      Build and maintain identity incident response playbooks

·      Support investigations of compromised accounts and privilege abuse

Hardening, Assessments & Continuous Improvement

·      Perform AD and Entra ID security posture assessments

·      Identify configuration drift, technical debt, and risk exposure

·      Deliver remediation plans and track closure

·      Drive continuous identity security improvement initiatives

·      Align identity security posture with Zero Trust principles

 Governance, Risk & Compliance

·      Ensure identity controls meet internal security standards and regulatory requirements

·      Support audit and risk assessments related to identity and access

·      Provide evidence, documentation, and technical justifications

·      Participate in design and security review boards

 Documentation & Knowledge Transfer

·      Produce clear, audit‑ready documentation:

·      Identity architecture diagrams

·      Security standards and configuration baselines

·      SOPs and operational runbooks

·      Incident response procedures

·      Provide knowledge transfer and guidance to internal teams

Joining time frame: 2 weeks (maximum 1 month)

Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest at [HIDDEN TEXT]